- Description
- A vulnerability has been identified in tasks, backend object generated for handling any action performed by the application in IBM Cloud Orchestrator. It is possible for an authenticated user to view any task of the current users domain.
- Source
- psirt@us.ibm.com
- NVD status
- Analyzed
CVSS 3.0
- Type
- Primary
- Base score
- 3.3
- Impact score
- 1.4
- Exploitability score
- 1.8
- Vector string
- CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
- Severity
- LOW
CVSS 2.0
- Type
- Primary
- Base score
- 2.1
- Impact score
- 2.9
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:P/I:N/A:N
- nvd@nist.gov
- CWE-200
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:cloud_orchestrator:2.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8227C8AC-7AAC-4DD1-A998-81595B0352DE"
},
{
"criteria": "cpe:2.3:a:ibm:cloud_orchestrator:2.3.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6982E71E-FD79-47A5-8060-56499F7D00B5"
},
{
"criteria": "cpe:2.3:a:ibm:cloud_orchestrator:2.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FE37CE11-6A58-4058-B3A0-5A223DC5601B"
},
{
"criteria": "cpe:2.3:a:ibm:cloud_orchestrator:2.4.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E747BF22-8A13-4073-967F-0C28055B2A45"
},
{
"criteria": "cpe:2.3:a:ibm:cloud_orchestrator:2.4.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A9B95F0E-F10A-4A0A-B675-73AD50A552B2"
},
{
"criteria": "cpe:2.3:a:ibm:cloud_orchestrator:2.4.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "42AC5772-6E74-4B9C-815F-ED8C265FED53"
}
],
"operator": "OR"
}
]
}
]